3.12.4.1 TCP Dead Peer Detection

The stack sends a TCP packet and makes a lookup of the corresponding connection state in the state table defined in section 3.1.1. It determines whether the packet is a TCP retransmission. If it is a retransmission, the flag DeadPeerDetection defined in section 3.12.1 is set to TRUE and the dead peer detection is executed as follows:

  • The host implementing this feature MUST attempt to rekey the QM SA (as described in [RFC2409] section 5.5) when a new connection is attempted to the peer.

  • On failure of a quick mode rekey, the host implementing this extension MUST attempt to rekey MM SA (as described in [RFC2409] section 5.4) with a maximum of two retransmissions.

  • If MM rekey fails, the peer is deemed dead and a new MM SA negotiation ([RFC2409] section 5.4) can be attempted.